EUVD-2026-16242
Mattermost doesn't validate decompressed archive entry sizes during file extraction
Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to validate decompressed archive entry sizes during file extraction, which allows authenticated users with file upload permissions to cause a denial of service via crafted zip archives containing highly...
EUVD-2020-0069
Malware in sbrugna...
EUVD-2021-16117
Malware in sbrugna...
Path Traversal
github.com/mattermost/mattermost-server is vulnerable to path traversal. The vulnerability is due to improper sanitization of file names, which allows an attacker with file upload permissions to overwrite file attachment thumbnails via file streaming APIs...
CVE-2025-23171
The Versa Director SD-WAN orchestration platform provides an option to upload various types of files. The Versa Director does not correctly limit file upload permissions. The UI appears not to allow file uploads but uploads still succeed. In addition, the Versa Director discloses the full filenam...
CVE-2021-41231
OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, an administrator with the permissions to upload files via DataFlow and to create products was able to execute arbitrary code via the convert profile. Versions 19.4.22 and 20.0.19 contain a patch for this issue...
PT-2023-32114 · WordPress · Cits Support Svg
Name of the Vulnerable Software and Affected Versions: CITS Support svg, webp Media and TTF,OTF File Upload WordPress plugin versions prior to 3.0
Description: The issue concerns the failure to sanitise uploaded SVG files, potentially allowing users with a role as low as Author to upload maliciou...
DataEase cross-site scripting vulnerability
DataEase is an open source data visualization and analysis tool. It is used to help users quickly analyze data and gain insights into business trends for business improvement and optimization. A cross-site scripting vulnerability exists in DataEase 1.18.4 and earlier versions that stems from not...
SUSE CVE-2020-24583
An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 when Python 3.7+ is used. FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level...
Directory Traversal
github.com/alist-org/alist is vulnerable to directory traversal. The vulnerability exists due to a lack of validation of the file upload permissions in the library, allowing an attacker to gain access to restricted files using ../ on the path URL...
Arbitrary File Upload
github.com/mindoc-org/mindoc is vulnerable to arbitrary file upload. The vulnerability exists in the Unzip function in ziptil.go because file upload permissions and validations are not properly handled, which allows an attacker to upload malicious files...
MODX Revolution allows overwriting .htaccess
In MODX Revolution before 2.5.7, a user with file upload permissions is able to execute arbitrary code by uploading a file with the name .htaccess...
GHSA-23GJ-X27G-R34F MODX Revolution allows overwriting .htaccess
In MODX Revolution before 2.5.7, a user with file upload permissions is able to execute arbitrary code by uploading a file with the name .htaccess...
PT-2021-23490 · Unknown · Abantecart
Name of the Vulnerable Software and Affected Versions: AbanteCart versions prior to 1.3.2
Description: An issue was discovered that allows any low-privileged user with file-upload permissions to upload a malicious SVG document containing an XSS payload.
Recommendations: For versions prior to 1.3....
CVE-2021-41745
ShowDoc 2.8.3 has a file upload vulnerability, where attackers can use the vulnerability to obtain server permissions...
Design/Logic Flaw
Directus 8 before 8.8.2 allows remote authenticated users to execute arbitrary code because file-upload permissions include the ability to upload a .php file to the main upload directory and/or upload a .php file and a .htaccess file to a subdirectory. Exploitation succeeds only for certain...
CVE-2021-29641
Directus 8 before 8.8.2 allows remote authenticated users to execute arbitrary code because file-upload permissions include the ability to upload a .php file to the main upload directory and/or upload a .php file and a .htaccess file to a subdirectory. Exploitation succeeds only for certain...
CVE-2021-29641
CVE-2021-29641 affects Directus 8 up to 8.8.2. The vulnerability arises from file-upload permissions that allow uploading a PHP file to the main upload directory and, in a subdirectory, a PHP file plus an .htaccess, enabling remote authenticated code execution. Exploitation is limited to specific...
GHSA-M6GJ-H9GM-GW44 Django Incorrect Default Permissions
An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 when Python 3.7+ is used. FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level...